Amazon 'New Security Feature' Phishing Scam
According to this email, which claims to be from Amazon, the company has added a new security feature and you must therefore click a link to update your account information. The message notes that you must perform the update within 24 hours.
However, the email is not from Amazon. It is a phishing scam designed to steal your personal and financial information.
If you click the link in the email, you will be taken to a fraudulent website that has been built to mirror a genuine Amazon webpage. Once on the fake site, you will be asked to login with your Amazon account email address and password.
If you enter your login details as requested, you will be taken to a second fake page that asks for your name, address, and contact details. Next, you will be taken to a third fake page that asks you to supply your credit card details. The form also asks US residents for their social security number.
Finally, you will be automatically redirected to the genuine Amazon website. At this point, you may believe that you have successfully completed the required account update.
But, meanwhile, the criminals who sent the phishing email can use information you supplied to hijack your Amazon account, and commit credit card fraud and identity theft.
Amazon will never send you an unsolicited email that demands that you update account information by clicking a link or opening an attached file. It is always safest to login to your Amazon and other online accounts by entering the address into your browser's address bar rather than by clicking a link in an email.
Phishing scams that target Amazon customers are very common. You can report Amazon phishing emails via the reporting address listed on the company's website.
Dear Amazon.com Customer,
Amazon.com has recently updated our customer database and new security feature has been added to our website for effective shipping and order. Please click the link below to update your account information within 24-hours.